Hello TribeHR,
Our security tools have identified a few in the public repository TribeHR/AppDirect-PHP-Wrapper. Details are as follows:
🚨 [HIGH] Keyword 'secret' found in AppDirectConnector.php at line 6 https://raw.githubusercontent.com/TribeHR/AppDirect-PHP-Wrapper/master/AppDirectConnector.php
🚨 [MEDIUM] Keyword 'token' found in AppDirectConnector.php at line 6 https://raw.githubusercontent.com/TribeHR/AppDirect-PHP-Wrapper/master/AppDirectConnector.php
🚨 [HIGH] Possible secret assignment in AppDirectConnector.php https://raw.githubusercontent.com/TribeHR/AppDirect-PHP-Wrapper/master/AppDirectConnector.php
🚨 [HIGH] Keyword 'token' found in AppDirectEvent.php at line 6 https://raw.githubusercontent.com/TribeHR/AppDirect-PHP-Wrapper/master/AppDirectEvent.php
🚨 [HIGH] Keyword 'secret' found in README.md at line 6 https://raw.githubusercontent.com/TribeHR/AppDirect-PHP-Wrapper/master/README.md
Could you please review these findings and, if feasible, change the repository's visibility from public to private to prevent potential exposure of sensitive AppDirect information?
Hello TribeHR,
Our security tools have identified a few in the public repository TribeHR/AppDirect-PHP-Wrapper. Details are as follows:
🚨 [HIGH] Keyword 'secret' found in AppDirectConnector.php at line 6 https://raw.githubusercontent.com/TribeHR/AppDirect-PHP-Wrapper/master/AppDirectConnector.php
🚨 [MEDIUM] Keyword 'token' found in AppDirectConnector.php at line 6 https://raw.githubusercontent.com/TribeHR/AppDirect-PHP-Wrapper/master/AppDirectConnector.php
🚨 [HIGH] Possible secret assignment in AppDirectConnector.php https://raw.githubusercontent.com/TribeHR/AppDirect-PHP-Wrapper/master/AppDirectConnector.php
🚨 [HIGH] Keyword 'token' found in AppDirectEvent.php at line 6 https://raw.githubusercontent.com/TribeHR/AppDirect-PHP-Wrapper/master/AppDirectEvent.php
🚨 [HIGH] Keyword 'secret' found in README.md at line 6 https://raw.githubusercontent.com/TribeHR/AppDirect-PHP-Wrapper/master/README.md
Could you please review these findings and, if feasible, change the repository's visibility from public to private to prevent potential exposure of sensitive AppDirect information?